CLAIM AMENDMENTS 



Claim Amendment Summary 
Claims pending 

• Before this Amendment: Claims 1-6, 10-15, 18-21, and 23-29. 

• After tliis Amendment: Claims 1-6, 10-15, 18, and 28-29. 
Claims previously canceled: Claims 7-9, 16-17, 22, and 30-31. 
Claims canceled herein: Claims 19-21 and 23-27. 

Claims amended herein: None 
New claims: None. 
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Serial No.: 10/674,105 

Atty Docket No.: MS1-1564US jee|@haveS 
Atty/Agent: Christen M. Falrbom ^ , _ 



1. (Previously Presented) A method comprising: 
communicating a parental identity to an authentication server for 

verification; 

receiving a relationship ticl<et from the authentication server when the 
parental identity has been successfully verified, wherein the relationship ticket 
received from the authentication server is encrypted so that the relationship 
ticket cannot be decrypted by a client device which receives the relationship 
ticket, and wherein the relationship ticket includes the parental identity and 
identifies a child who's access to a Web server Is to be limited; 

generating a request to establish a selected permission level for the child 
which will limit the child's access to the Web server; 

sending the request and the relationship ticket to the Web server for 
decryption of the relationship ticket, authentication of the parental identity, and 
establishment of the selected permission level for the child; and 

receiving a success code from the Web server if the selected permission 
level is established for the child. 

2. (Origmal) A method as recited in claim 1 further including 
receiving a failure notification from the Web server If the selected permission 
level Is not established. 

3. (Original) A method as recited in claim 1 wherein sending the 
request to the Web server includes using an untrusted connection with the Web 
server. 
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4. (Original) A method as recited in claim 1 wherein the request to 
the Web server is sent using an unsecure connection with the Web server. 

5. (Original) A method as recited in claim 1 wherein the relationship 
ticket is encrypted by the authentication server. 

6. (Original) A method as recited In claim 1 wherein the selected 
permission level is established if the relationship tlcl<et Is authenticated. 

7. (Canceled) 

8. (Canceled) 

9. (Canceled) 

10. (Original) A method as recited in claim 1 wherein the 
authentication server is a .NET Passport server. 

11. (Original) A method as recited in claim 1 wherein selecting a 
permission level associated with a child's usage of a web site Is performed by a 
parent of the child. 
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12. (Previously Presented) One or more computer-readable 
memories including at least one tangible component, and containing a computer 
program that is executable by a processor to perform the method recited In claim 
1. 

13. (Previously Presented) A method comprising: 
communicating a employer identity to an authentication server for 

verification; 

receiving a relationship ticket from the authentication server when the 
employer identity has been successfully verified, wherein the relationship ticket 
received from the authentication server is encrypted so that the relationship 
ticket cannot be decrypted by a client device which receives the relationship 
ticket, and wherein the relationship ticket includes the employer identity and 
identifies an employee who's access to a Web server is to be limited; 

generating a request to establish a selected permission level for the 
employee which will limit the employee's access to the Web server; 

sending the request and the relationship ticket to the Web server for 
decryption of the relationship ticket, authentication of the employer identity, and 
establishment of the selected permission level for the employee; and 

receiving a success code from the Web server if the selected permission 
level is established for the employee. 

14. (Original) A method as recited in claim 13 wherein the relationship 
ticket is encrypted by the authentication server. 
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15. (Original) A method as recited in claim 13 wherein the relationship 
ticl<et is encrypted by the authentication server, and wherein the relationship 
ticl<et is decrypted by the Web server. 

16. (Canceled) 

17. (Canceled) 

18. (Previously Presented) One or more computer-readable 
memories including at least one tangible component, and containing a computer 
program that is executable by a processor to perform the method recited in claim 
13. 

19-27. (Canceled) 
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28. (Previously Presented) One or more computer-readable media 
including at least one tangible component, and having stored thereon a 
computer program that, when executed by one or more processors, causes the 
one or more processors to: 

select a permission level associated with an associate's access to a Web 
server; 

obtain a relationship ticket from an authentication server, wherein the 
relationship ticket obtained from the authentication server is encrypted and 
includes information regarding a manager's identity and information regarding an 
identity of an associate who's access to the Web server is to be limited; 

generate a request to establish a selected permission level for the 
associate which will limit the associate's access to the Web server; 

send the request and the relationship ticket to the Web server via an 
unsecure communication link for decryption of the relationship ticket, 
authentication of the manager's identity, and establishment of the selected 
permission level for the associate; and 

receive a success code from the Web server if the requested permission 
level is established for the associate. 
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29. (Original) One or more computer-readable media as recited in 
claim 28 wherein the relationship ticket is encrypted by the authentication server 
and decrypted by the Web server. 



30. (Canceled) 

31. (Canceled) 
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